xamalicious | 8a034f06f22af26c0efc7f6303034ec3405e1687c6c14cc4bf14b2631a045c03 | Triage

Sharing

General

Target

9club.apk
Size

36.1MB
Sample

240808-b3jj4a1gnb
MD5

c13f7bd53509d06a023d37d9473a3f1a
SHA1

a134cef3803b0a3b64a9287775e3e36e5d407fa5
SHA256

8a034f06f22af26c0efc7f6303034ec3405e1687c6c14cc4bf14b2631a045c03
SHA512

f5e366ff275448819adc19cffdea9a6593f13027e9343f5d3ddf41ec033961e27ccc3a203d23bb88e938124c8b174fb3c6a8bbfc61d49ef8de4517a9f50def5b
SSDEEP

786432:mLHvSBmxhAj85eOxJ8AEeP9uaTFTcPOT3jsdmnogtbEE+Ox4XOueWbjaZAfgClg+:6aSAvbFaGPCz4xDR6c3l3nRR

Score

10^/10

xamalicious android collection credential_access discovery impact persistence

Malware Config

Targets

- Target
  
  9club.apk
- Size
  
  36.1MB
- MD5
  
  c13f7bd53509d06a023d37d9473a3f1a
- SHA1
  
  a134cef3803b0a3b64a9287775e3e36e5d407fa5
- SHA256
  
  8a034f06f22af26c0efc7f6303034ec3405e1687c6c14cc4bf14b2631a045c03
- SHA512
  
  f5e366ff275448819adc19cffdea9a6593f13027e9343f5d3ddf41ec033961e27ccc3a203d23bb88e938124c8b174fb3c6a8bbfc61d49ef8de4517a9f50def5b
- SSDEEP
  
  786432:mLHvSBmxhAj85eOxJ8AEeP9uaTFTcPOT3jsdmnogtbEE+Ox4XOueWbjaZAfgClg+:6aSAvbFaGPCz4xDR6c3l3nRR
Score

7^/10

discovery impact persistence collection credential_access
- Obtains sensitive information copied to the device clipboard
  Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.
  collection credential_access impact
- Queries the mobile country code (MCC)
  discovery
behavioral1 behavioral2

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

Broadcast Receivers

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

System Checks

Credential Access

Clipboard Data

Discovery

System Information Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Data Encrypted for Impact

Data Manipulation

Transmitted Data Manipulation

Tasks

static1

behavioral1

discoveryimpactpersistence

behavioral2

collectioncredential_accessdiscoveryimpactpersistence